package com.csw.jdbc.config;

import com.csw.jdbc.hander.MyAuthenticationFailHandler;
import com.csw.jdbc.hander.MyAuthenticationSuccessHandler;
import com.csw.jdbc.service.impl.TbUserServiceImpl;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl;
import org.springframework.security.web.authentication.rememberme.PersistentTokenRepository;

import javax.sql.DataSource;

/**
 * 自定义加密方式
 * @author shengwencheng
 * @since 2021-11-06 12:02
 */
@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private TbUserServiceImpl userServiceImpl;

    @Autowired
    public DataSource dataSource;


    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        //设置UserDetailsService的实现类
        auth.userDetailsService(userServiceImpl);

    }
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // 认证
        http.formLogin() //表单登录
          .loginPage("/login.html") //自定义登录
          .loginProcessingUrl("/user/login")
                .defaultSuccessUrl("/main.html")
          //.successForwardUrl("/main") //认证成功之后转发的路径,必须是Post请求
          //.failureForwardUrl("/toerror") //认证失败之后转发的路径,必须是Post请求
          //.successHandler(new MyAuthenticationSuccessHandler("/main.html"))// 认证成功重定向处理
          //.failureHandler(new MyAuthenticationFailHandler("/error.html"))// 认证失败重定向处理
          .and().authorizeRequests()
          // 授权指定的请求，不用认证
          .antMatchers("/user/login","/login.html","/error.html","/session/invalid").permitAll()
          .anyRequest().authenticated()//需要认证
          .and().csrf().disable(); //关闭csrf防护
        //session失效设置
        http.sessionManagement()
                .invalidSessionUrl("/session/invalid");
        //记住我
         http.rememberMe()
        .tokenRepository(persistentTokenRepository())//设置持久化仓库
        .tokenValiditySeconds(3600) //超时时间,单位s 默认两周
        .userDetailsService(userServiceImpl); //设置自定义登录逻辑

    }

    //获取数据源
    public PersistentTokenRepository persistentTokenRepository(){ JdbcTokenRepositoryImpl jdbcTokenRepository = new JdbcTokenRepositoryImpl(); //设置数据源
        jdbcTokenRepository.setDataSource(dataSource);
        return jdbcTokenRepository;
    }

    @Bean
    public PasswordEncoder passwordEncoder(){
        return new BCryptPasswordEncoder();
    }
}
